V6071. This file is marked with copyleft license, which requires you to open the derived source code.


The analyzer has detected a file marked with a copyleft license, which requires you to open the rest of the source code. This may be unacceptable for many commercial projects.

If you develop an open-source project, you can simply ignore this warning and turn it off.

Here is an example of a comment that will cause the analyzer to issue the warning:

/*  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation, either version 3 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

For proprietary projects

If you include a file with this type of license (GPL3 in this case) into a proprietary project, you will be required to open the rest of your source code due to the specifics of this license.

Such copyleft licenses are called "viral license" because of their tendency to affect other project files. The problem is that using at least one such file in a proprietary project automatically renders the entire source code open and compels you to distribute it along with the binary files.

This diagnostic detects the following viral licenses:

  • AGPL-3.0
  • GPL-2.0
  • GPL-3.0
  • LGPL-3.0

If you discover that your proprietary project uses files with a copyleft license, you have one of the following options:

  • Exclude this code (library) from your project;
  • Replace the library;
  • Make your project open-source.

For open-source projects

We understand that this diagnostic is irrelevant to open-source projects. The PVS-Studio team contributes to the development of open-source software by helping to fix bugs found in such software and offering free license options to open-source developers. However, our product is a B2B solution, so this diagnostic is enabled by default.

If your code is distributed under one of the copyleft licenses from the list above, you can turn this diagnostic off in one of the following ways:

  • in the plugin for IntelliJ IDEA remove the tick from Settings > PVS-Studio > Warnings > V6071;
  • in the plugin for Gradle add the section disabledWarnings = ["V6071"];
  • in the plugin Maven add the section <disabledWarnings>V6071</disabledWarnings>;
  • parameter --disable V6071 when running pvs-studio.jar manually.

Adding to the list of unsafe licenses

If you know of some other types of viral licenses that our tool does not yet detect, you can inform us about them using the feedback form so that we could add detection of those in the next release.

References


Bugs Found

Checked Projects
355
Collected Errors
13 303